当前位置: 首页>>代码示例>>Java>>正文


Java DOMValidateContext.setProperty方法代码示例

本文整理汇总了Java中javax.xml.crypto.dsig.dom.DOMValidateContext.setProperty方法的典型用法代码示例。如果您正苦于以下问题:Java DOMValidateContext.setProperty方法的具体用法?Java DOMValidateContext.setProperty怎么用?Java DOMValidateContext.setProperty使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在javax.xml.crypto.dsig.dom.DOMValidateContext的用法示例。


在下文中一共展示了DOMValidateContext.setProperty方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: testLocalFilesystem

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void testLocalFilesystem() throws Exception {
    String file = "signature-external-c14n-xmlatrs.xml";

    DOMValidateContext vc =
        validator.getValidateContext(
            file, new KeySelectors.SecretKeySelector("secret".getBytes("ASCII"))
        );

    vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.FALSE);
    boolean coreValidity = validator.validate(vc);
    assertTrue("Signature failed core validation", coreValidity);

    vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);

    try {
        validator.validate(vc);
        fail("Failure expected when secure validation is enabled");
    } catch (XMLSignatureException ex) {
        assertTrue(ex.getMessage().contains("URIReferenceException"));
    }
}
 
开发者ID:Legostaev,项目名称:xmlsec-gost,代码行数:23,代码来源:JSRForbiddenReferenceTest.java

示例2: validate

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
boolean validate(String fn, KeySelector ks, URIDereferencer ud,
    boolean cache) throws Exception {

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    dbf.setValidating(false);
    Document doc = dbf.newDocumentBuilder().parse(new File(dir, fn));
    NodeList nl =
        doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    if (nl.getLength() == 0) {
        throw new Exception("Couldn't find signature Element");
    }
    Element sigElement = (Element) nl.item(0);
    DOMValidateContext vc = new DOMValidateContext(ks, sigElement);
    vc.setBaseURI(dir.toURI().toString());
    if (cache) {
        vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
    }
    XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
    XMLSignature signature = factory.unmarshalXMLSignature(vc);
    if (ud != null) {
        vc.setURIDereferencer(ud);
    }
    boolean coreValidity = signature.validate(vc);

    // Check reference cache
    if (cache) {
        Iterator i = signature.getSignedInfo().getReferences().iterator();
        for (int j=0; i.hasNext(); j++) {
            Reference ref = (Reference) i.next();
            if (!digestInputEqual(ref)) {
                throw new Exception
                    ("cached data for Reference[" + j + "] is not correct");
            }
            // check that dereferenced data does not contain comment nodes
            if (ref.getURI() == "") {
                System.out.println("checking deref data");
                NodeSetData data = (NodeSetData) ref.getDereferencedData();
                Iterator ni = data.iterator();
                while (ni.hasNext()) {
                    Node n = (Node) ni.next();
                    if (n.getNodeType() == Node.COMMENT_NODE) {
                        throw new Exception("dereferenced data for " +
                            " Reference[" + j + " contains comment node");
                    }
                }
            }
        }
    }
    return coreValidity;
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:52,代码来源:SignatureValidator.java

示例3: main

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    dbf.setValidating(false);
    dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
    Document doc = dbf.newDocumentBuilder().parse(new File(SIGNATURE));
    NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS,
            "Signature");
    if (nl.getLength() == 0) {
        throw new RuntimeException("Couldn't find 'Signature' element");
    }
    Element element = (Element) nl.item(0);

    byte[] keyBytes = Base64.getDecoder().decode(validationKey);
    X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
    KeyFactory kf = KeyFactory.getInstance("RSA");
    PublicKey key = kf.generatePublic(spec);
    KeySelector ks = KeySelector.singletonKeySelector(key);

    DOMValidateContext vc = new DOMValidateContext(ks, element);

    // disable secure validation mode
    vc.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.FALSE);

    // set a dummy dereferencer to be able to get content by references
    vc.setURIDereferencer(dereferencer);

    XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
    XMLSignature signature = factory.unmarshalXMLSignature(vc);

    // run validation
    signature.validate(vc);
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:34,代码来源:ErrorHandlerPermissions.java

示例4: testWrappingAttack

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void testWrappingAttack() throws Exception {
    String file = "manifestSignatureWrapping.xml";

    Document doc = XMLUtils.createDocumentBuilder(false, false).parse(new File(dir, file));
    Element sigElement = SignatureValidator.getSignatureElement(doc);
    if (sigElement == null) {
        throw new Exception("Couldn't find signature Element");
    }
    DOMValidateContext vc =
        new DOMValidateContext(new KeySelectors.KeyValueKeySelector(), sigElement);
    vc.setBaseURI(dir.toURI().toString());

    vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.FALSE);
    boolean coreValidity = validator.validate(vc);
    assertTrue("Signature failed core validation", coreValidity);

    vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);

    Element manifestElement =
        (Element) doc.getElementsByTagName("Manifest").item(0);
    vc.setIdAttributeNS(manifestElement, null, "Id");

    try {
        boolean valid = validator.validate(vc);
        System.out.println("Valid: " + valid);
        fail("Failure expected when secure validation is enabled");
    } catch (XMLSignatureException ex) {
        assertTrue(ex.getMessage().contains("URIReferenceException"));
    }
}
 
开发者ID:Legostaev,项目名称:xmlsec-gost,代码行数:32,代码来源:JSRWrappingAttackTest.java

示例5: test_signature_dsa_detached

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void test_signature_dsa_detached() throws Exception {
    String file = "signature-dsa-detached.xml";

    DOMValidateContext vc = validator.getValidateContext
    (file, new KeySelectors.RawX509KeySelector());
    vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
    vc.setURIDereferencer(ud);

    boolean coreValidity = validator.validate(vc);
    assertTrue("Signature failed core validation", coreValidity);
}
 
开发者ID:Legostaev,项目名称:xmlsec-gost,代码行数:13,代码来源:PhaosXMLDSig3Test.java

示例6: test_signature_rsa_detached

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void test_signature_rsa_detached() throws Exception {
    String file = "signature-rsa-detached.xml";

    DOMValidateContext vc = validator.getValidateContext
        (file, new KeySelectors.RawX509KeySelector());
    vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
    vc.setURIDereferencer(ud);
    boolean coreValidity = validator.validate(vc);
    assertTrue("Signature failed core validation", coreValidity);
}
 
开发者ID:Legostaev,项目名称:xmlsec-gost,代码行数:12,代码来源:PhaosXMLDSig3Test.java

示例7: getSigners

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public List<X509Certificate> getSigners(URL url) throws IOException, ParserConfigurationException, SAXException,
		TransformerException, MarshalException, XMLSignatureException, JAXBException {
	List<X509Certificate> signers = new LinkedList<X509Certificate>();
	List<String> signatureResourceNames = getSignatureResourceNames(url);
	for (String signatureResourceName : signatureResourceNames) {
		LOG.debug("signature resource name: " + signatureResourceName);
		Document signatureDocument = loadDocument(url, signatureResourceName);
		if (null == signatureDocument) {
			LOG.warn("signature resource not found: " + signatureResourceName);
			continue;
		}

		NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
		if (0 == signatureNodeList.getLength()) {
			LOG.debug("no signature elements present");
			continue;
		}
		Node signatureNode = signatureNodeList.item(0);

		OPCKeySelector keySelector = new OPCKeySelector(url, signatureResourceName);
		DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureNode);
		domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
		OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(url);
		domValidateContext.setURIDereferencer(dereferencer);

		XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
		XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
		boolean validity = xmlSignature.validate(domValidateContext);

		if (false == validity) {
			LOG.debug("not a valid signature");
			continue;
		}
		// TODO: check what has been signed.

		X509Certificate signer = keySelector.getCertificate();
		signers.add(signer);
	}
	return signers;
}
 
开发者ID:e-Contract,项目名称:eid-applet,代码行数:41,代码来源:XPSSignatureVerifier.java

示例8: testSignedOOXML2

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@Test
public void testSignedOOXML2() throws Exception {
	// setup
	URL url = OOXMLSignatureVerifierTest.class.getResource("/signed.docx");

	// operate
	OOXMLSignatureVerifier verifier = new OOXMLSignatureVerifier();
	List<X509Certificate> result = verifier.getSigners(url);

	// verify
	assertNotNull(result);
	assertEquals(1, result.size());
	X509Certificate signer = result.get(0);
	LOG.debug("signer: " + signer.getSubjectX500Principal());

	byte[] document = IOUtils.toByteArray(url.openStream());
	List<String> signatureResourceNames = verifier.getSignatureResourceNames(document);
	Document signatureDocument = verifier.getSignatureDocument(new ByteArrayInputStream(document),
			signatureResourceNames.get(0));
	NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");

	Element signatureElement = (Element) signatureNodeList.item(0);
	KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
	DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
	domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
	OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(document);
	domValidateContext.setURIDereferencer(dereferencer);

	XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
	XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
	assertTrue(verifier.isValidOOXMLSignature(xmlSignature, document));
}
 
开发者ID:e-Contract,项目名称:eid-applet,代码行数:33,代码来源:OOXMLSignatureVerifierTest.java

示例9: testSignedOOXMLOffice2010ValidOOXML

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@Test
public void testSignedOOXMLOffice2010ValidOOXML() throws Exception {
	// setup
	URL url = OOXMLSignatureVerifierTest.class.getResource("/hallo.docx");

	// operate
	OOXMLSignatureVerifier verifier = new OOXMLSignatureVerifier();
	List<X509Certificate> result = verifier.getSigners(url);

	// verify
	assertNotNull(result);
	assertEquals(1, result.size());
	X509Certificate signer = result.get(0);
	LOG.debug("signer: " + signer.getSubjectX500Principal());

	byte[] document = IOUtils.toByteArray(url.openStream());
	List<String> signatureResourceNames = verifier.getSignatureResourceNames(document);
	Document signatureDocument = verifier.getSignatureDocument(new ByteArrayInputStream(document),
			signatureResourceNames.get(0));
	NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");

	Element signatureElement = (Element) signatureNodeList.item(0);
	KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
	DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
	domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
	OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(document);
	domValidateContext.setURIDereferencer(dereferencer);

	XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
	XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
	assertTrue(verifier.isValidOOXMLSignature(xmlSignature, document));
}
 
开发者ID:e-Contract,项目名称:eid-applet,代码行数:33,代码来源:OOXMLSignatureVerifierTest.java

示例10: XMLDSigWithSecMgr

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
XMLDSigWithSecMgr() throws Exception {
    setup();
    Document doc = db.newDocument();
    Element envelope = doc.createElementNS
        ("http://example.org/envelope", "Envelope");
    envelope.setAttributeNS("http://www.w3.org/2000/xmlns/",
        "xmlns", "http://example.org/envelope");
    doc.appendChild(envelope);

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    KeyPair kp = kpg.genKeyPair();

    // the policy only grants this test SocketPermission to accept, resolve
    // and connect to localhost so that it can dereference 2nd reference
    URI policyURI =
        new File(System.getProperty("test.src", "."), "policy").toURI();
    Policy.setPolicy
        (Policy.getInstance("JavaPolicy", new URIParameter(policyURI)));
    System.setSecurityManager(new SecurityManager());

    try {
        // generate a signature with SecurityManager enabled
        ArrayList refs = new ArrayList();
        refs.add(fac.newReference
            ("", sha1,
             Collections.singletonList
                (fac.newTransform(Transform.ENVELOPED,
                 (TransformParameterSpec) null)), null, null));
        refs.add(fac.newReference("http://localhost:" + ss.getLocalPort()
            + "/anything.txt", sha1));
        SignedInfo si = fac.newSignedInfo(withoutComments,
            fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), refs);
        XMLSignature sig = fac.newXMLSignature(si, null);
        DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), envelope);
        sig.sign(dsc);

        // validate a signature with SecurityManager enabled
        DOMValidateContext dvc = new DOMValidateContext
            (kp.getPublic(), envelope.getFirstChild());

        // disable secure validation mode so that http reference will work
        dvc.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.FALSE);

        sig = fac.unmarshalXMLSignature(dvc);
        if (!sig.validate(dvc)) {
            throw new Exception
                ("XMLDSigWithSecMgr signature validation FAILED");
        }
    } catch (SecurityException se) {
        throw new Exception("XMLDSigWithSecMgr FAILED", se);
    }
    ss.close();
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:54,代码来源:XMLDSigWithSecMgr.java

示例11: validate

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
boolean validate(String fn, KeySelector ks, URIDereferencer ud,
    boolean cache) throws Exception {

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    dbf.setValidating(false);
    Document doc = dbf.newDocumentBuilder().parse(new File(dir, fn));
    NodeList nl =
        doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    if (nl.getLength() == 0) {
        throw new Exception("Couldn't find signature Element");
    }
    Element sigElement = (Element) nl.item(0);
    DOMValidateContext vc = new DOMValidateContext(ks, sigElement);
    vc.setBaseURI(dir.toURI().toString());
    if (cache) {
        vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
    }
    XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
    XMLSignature signature = factory.unmarshalXMLSignature(vc);
    if (ud != null) {
        vc.setURIDereferencer(ud);
    }
    boolean coreValidity = signature.validate(vc);

    // Check reference cache
    if (cache) {
        Iterator<Reference> i =
            signature.getSignedInfo().getReferences().iterator();
        for (int j = 0; i.hasNext(); j++) {
            Reference ref = i.next();
            if (!digestInputEqual(ref)) {
                throw new Exception
                    ("cached data for Reference[" + j + "] is not correct");
            }
            // check that dereferenced data does not contain comment nodes
            if (ref.getURI() == "") {
                System.out.println("checking deref data");
                @SuppressWarnings("unchecked")
                NodeSetData<Node> data =
                    (NodeSetData<Node>)ref.getDereferencedData();
                for (Node n : data) {
                    if (n.getNodeType() == Node.COMMENT_NODE) {
                        throw new Exception("dereferenced data for " +
                            " Reference[" + j + " contains comment node");
                    }
                }
            }
        }
    }
    return coreValidity;
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:53,代码来源:SignatureValidator.java

示例12: XMLDSigWithSecMgr

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
XMLDSigWithSecMgr() throws Exception {
    setup();
    Document doc = db.newDocument();
    Element envelope = doc.createElementNS
        ("http://example.org/envelope", "Envelope");
    envelope.setAttributeNS("http://www.w3.org/2000/xmlns/",
        "xmlns", "http://example.org/envelope");
    doc.appendChild(envelope);

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    KeyPair kp = kpg.genKeyPair();

    // the policy only grants this test SocketPermission to accept, resolve
    // and connect to localhost so that it can dereference 2nd reference
    System.setProperty("java.security.policy",
            System.getProperty("test.src", ".") + File.separator + "policy");
    System.setSecurityManager(new SecurityManager());

    try {
        // generate a signature with SecurityManager enabled
        ArrayList refs = new ArrayList();
        refs.add(fac.newReference
            ("", sha1,
             Collections.singletonList
                (fac.newTransform(Transform.ENVELOPED,
                 (TransformParameterSpec) null)), null, null));
        refs.add(fac.newReference("http://localhost:" + ss.getLocalPort()
            + "/anything.txt", sha1));
        SignedInfo si = fac.newSignedInfo(withoutComments,
            fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), refs);
        XMLSignature sig = fac.newXMLSignature(si, null);
        DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), envelope);
        sig.sign(dsc);

        // validate a signature with SecurityManager enabled
        DOMValidateContext dvc = new DOMValidateContext
            (kp.getPublic(), envelope.getFirstChild());

        // disable secure validation mode so that http reference will work
        dvc.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.FALSE);

        sig = fac.unmarshalXMLSignature(dvc);
        if (!sig.validate(dvc)) {
            throw new Exception
                ("XMLDSigWithSecMgr signature validation FAILED");
        }
    } catch (SecurityException se) {
        throw new Exception("XMLDSigWithSecMgr FAILED", se);
    }
    ss.close();
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:52,代码来源:XMLDSigWithSecMgr.java

示例13: verify

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@SuppressWarnings("unchecked")
protected void verify(InputStream input, final Message out) throws Exception { //NOPMD
    LOG.debug("Verification of XML signature document started");
    final Document doc = parseInput(input, out);

    XMLSignatureFactory fac;
    // Try to install the Santuario Provider - fall back to the JDK provider if this does
    // not work
    try {
        fac = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig");
    } catch (NoSuchProviderException ex) {
        fac = XMLSignatureFactory.getInstance("DOM");
    }

    KeySelector selector = getConfiguration().getKeySelector();
    if (selector == null) {
        throw new IllegalStateException("Wrong configuration. Key selector is missing.");
    }

    DOMValidateContext valContext = new DOMValidateContext(selector, doc);
    valContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
    valContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);

    if (getConfiguration().getSecureValidation() == Boolean.TRUE) {
        valContext.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        valContext.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);
    }
    setUriDereferencerAndBaseUri(valContext);

    setCryptoContextProperties(valContext);

    NodeList signatureNodes = getSignatureNodes(doc);

    List<XMLObject> collectedObjects = new ArrayList<XMLObject>(3);
    List<Reference> collectedReferences = new ArrayList<Reference>(3);
    int totalCount = signatureNodes.getLength();
    for (int i = 0; i < totalCount; i++) {

        Element signatureNode = (Element) signatureNodes.item(i);

        valContext.setNode(signatureNode);
        final XMLSignature signature = fac.unmarshalXMLSignature(valContext);

        if (getConfiguration().getXmlSignatureChecker() != null) {
            XmlSignatureChecker.Input checkerInput = new CheckerInputBuilder().message(out).messageBodyDocument(doc)
                    .keyInfo(signature.getKeyInfo()).currentCountOfSignatures(i + 1).currentSignatureElement(signatureNode)
                    .objects(signature.getObjects()).signatureValue(signature.getSignatureValue())
                    .signedInfo(signature.getSignedInfo()).totalCountOfSignatures(totalCount)
                    .xmlSchemaValidationExecuted(getSchemaResourceUri(out) != null).build();
            getConfiguration().getXmlSignatureChecker().checkBeforeCoreValidation(checkerInput);
        }

        boolean coreValidity;
        try {
            coreValidity = signature.validate(valContext);
        } catch (XMLSignatureException se) {
            throw getConfiguration().getValidationFailedHandler().onXMLSignatureException(se);
        }
        // Check core validation status
        boolean goon = coreValidity;
        if (!coreValidity) {
            goon = handleSignatureValidationFailed(valContext, signature);
        }
        if (goon) {
            LOG.debug("XML signature {} verified", i + 1);
        } else {
            throw new XmlSignatureInvalidException("XML signature validation failed");
        }
        collectedObjects.addAll(signature.getObjects());
        collectedReferences.addAll(signature.getSignedInfo().getReferences());
    }
    map2Message(collectedReferences, collectedObjects, out, doc);
}
 
开发者ID:HydAu,项目名称:Camel,代码行数:74,代码来源:XmlVerifierProcessor.java

示例14: testVerifySignature

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@Test
public void testVerifySignature() throws Exception {

	java.util.logging.Logger logger = java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom");
	logger.log(Level.FINE, "test");

	URL url = OOXMLSignatureVerifierTest.class.getResource("/hello-world-signed.docx");
	String signatureResourceName = getSignatureResourceName(url);
	LOG.debug("signature resource name: " + signatureResourceName);

	OOXMLProvider.install();

	ZipInputStream zipInputStream = new ZipInputStream(url.openStream());
	ZipEntry zipEntry;
	while (null != (zipEntry = zipInputStream.getNextEntry())) {
		if (false == signatureResourceName.equals(zipEntry.getName())) {
			continue;
		}
		Document signatureDocument = loadDocument(zipInputStream);
		LOG.debug("signature loaded");
		NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
		assertEquals(1, signatureNodeList.getLength());
		Node signatureNode = signatureNodeList.item(0);
		KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
		DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureNode);
		domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);

		OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(url);
		domValidateContext.setURIDereferencer(dereferencer);

		XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
		XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
		boolean validity = xmlSignature.validate(domValidateContext);
		assertTrue(validity);
		List<?> objects = xmlSignature.getObjects();
		for (Object object : objects) {
			LOG.debug("ds:Object class type: " + object.getClass().getName());
		}
		break;
	}
}
 
开发者ID:e-Contract,项目名称:eid-applet,代码行数:42,代码来源:OOXMLSignatureVerifierTest.java

示例15: verifySignature

import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
private boolean verifySignature(Element element, PublicKey validatingKey, AtomicReference<String> OutReadableErrorMessage) {
        if (OutReadableErrorMessage == null) {
                OutReadableErrorMessage = new AtomicReference<String>();
        }
        XMLSignatureFactory fac = initXMLSigFactory();
        NodeList nl = element.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (nl.getLength() == 0) {
                throw new RuntimeException("Cannot find Signature element");
        }
        DOMValidateContext valContext = new DOMValidateContext(validatingKey, nl.item(0));
        try {
                valContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
                XMLSignature signature = fac.unmarshalXMLSignature(valContext);
                boolean coreValidity = signature.validate(valContext);
                // Check core validation status.
                if (coreValidity == false) {
                        logger.warn("Signature failed core validation");
                        boolean sv = signature.getSignatureValue().validate(valContext);
                        logger.debug("signature validation status: " + sv);
                        OutReadableErrorMessage.set("signature validation failed: " + sv + "." + OutReadableErrorMessage.get());
                        // Check the validation status of each Reference.
                        @SuppressWarnings("unchecked")
                        Iterator<Reference> i = signature.getSignedInfo().getReferences().iterator();
                        //System.out.println("---------------------------------------------");
                        for (int j = 0; i.hasNext(); j++) {
                                Reference ref = (Reference) i.next();
                                boolean refValid = ref.validate(valContext);
                                logger.debug(j);
                                logger.debug("ref[" + j + "] validity status: " + refValid);
                                if (!refValid) {
                                        OutReadableErrorMessage.set("signature reference " + j + " invalid. " + OutReadableErrorMessage.get());
                                }
                                logger.debug("Ref type: " + ref.getType() + ", URI: " + ref.getURI());
                                for (Object xform : ref.getTransforms()) {
                                        logger.debug("Transform: " + xform);
                                }
                                String calcDigValStr = digestToString(ref.getCalculatedDigestValue());
                                String expectedDigValStr = digestToString(ref.getDigestValue());
                                logger.warn("    Calc Digest: " + calcDigValStr);
                                logger.warn("Expected Digest: " + expectedDigValStr);
                                if (!calcDigValStr.equalsIgnoreCase(expectedDigValStr)) {
                                        OutReadableErrorMessage.set("digest mismatch for signature ref " + j + "." + OutReadableErrorMessage.get());
                                }
                        }
                } else {
                        logger.info("Signature passed core validation");
                }
                return coreValidity;
        } catch (Exception e) {
                OutReadableErrorMessage.set("signature validation failed: " + e.getMessage() + OutReadableErrorMessage.get());
                logger.fatal(e);
                return false;
        }
}
 
开发者ID:apache,项目名称:juddi,代码行数:55,代码来源:DigSigUtil.java


注:本文中的javax.xml.crypto.dsig.dom.DOMValidateContext.setProperty方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。